ST-IDS: Spatio-temporal feature-based multi-tier intrusion detection system for artificial intelligence-powered connected autonomous vehicles

Abstract

Advancements in 3GPP specifications and the extensive deployment of 5G networks have driven significant growth in the Internet of Vehicles (IoVs). This development has led to an increase in Connected and Autonomous Vehicles (CAVs), which provide capabilities such as automated navigation, ADAS, cruise control, and environmentally sustainable transportation in real-time. Additionally, the widespread adoption of CAVs has also escalated vulnerabilities within the IoV ecosystem, exposing it to potential cyberattacks. The integration of various functional interfaces has enlarged its attack surface, thereby increasing the risk of vehicle infiltration. Researchers have proposed various Intrusion Detection Systems (IDS) to address the ongoing risk of vehicle attacks, without applying encryption and related authentication methods for intra-and inter-vehicular communications. However, a significant limitation of many IDSs is their dependency on characteristics specific to a particular category of vehicles, which limits their adaptability. Additionally, current IDSs frequently rely on one-dimensional features such as traffic, time, etc., which limits their capability of detecting attacks in adverse scenarios. Moreover, incorporating machine learning algorithms into IDSs deployed in automated automobiles causes an increase in computational demands. We propose to develop a collaborative IDS specifically designed for cloud-based vehicle environments. We aim to improve our capabilities of identifying intrusion detection and differentiate which are malicious by using multidimensional features. A customised Convolutional Neural Network (CNN), optimised through hyperparameter tuning, is also developed for detecting the malicious vehicles and enhancing the overall IDS. To address the challenge of data diversity, we integrate various vehicular datasets into a unified feature space. This integration allows a single model to efficiently perform multi-classification tasks without frequent adjustments. Our feature space integrates dimensions such as traffic, time and so forth, levels, thereby expanding the spectrum of detectable attack scenarios. By identifying abnormal data points within this comprehensive feature framework, our system effectively identifies intrusions across a diverse range of vehicle types. As a result, our methodology supports robust intrusion detection through comprehensive multiclass vehicle classification.